diff --git a/conf/default.conf.php b/conf/default.conf.php
index 8a6a60101b..95f99eb5f9 100644
--- a/conf/default.conf.php
+++ b/conf/default.conf.php
@@ -1,295 +1,289 @@
 <?php
 
 /*
  * Copyright 2011 Facebook, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 return array(
 
   // The root URI which Phabricator is installed on.
   // Example: "http://phabricator.example.com/"
   'phabricator.base-uri'        => null,
 
-  // The Conduit URI for API access to this install. Normally this is just
-  // the 'base-uri' plus "/api/" (e.g. "http://phabricator.example.com/api/"),
-  // but make sure you specify 'https' if you have HTTPS configured.
-  'phabricator.conduit-uri'     => null,
-
-
   // The default PHID for users who haven't uploaded a profile image. It should
   // be 50x50px.
   'user.default-profile-image-phid' => 'PHID-FILE-f57aaefce707fc4060ef',
 
 // -- Access Control -------------------------------------------------------- //
 
   // Phabricator users have one of three access levels: "anyone", "verified",
   // or "admin". "anyone" means every user, including users who do not have
   // accounts or are not logged into the system. "verified" is users who have
   // accounts, are logged in, and have satisfied whatever verification steps
   // the configuration requires (e.g., email verification and/or manual
   // approval). "admin" is verified users with the "administrator" flag set.
 
   // These configuration options control which access level is required to read
   // data from Phabricator (e.g., view revisions and comments in Differential)
   // and write data to Phabricator (e.g., upload files and create diffs). By
   // default they are both set to "verified", meaning only verified user
   // accounts can interact with the system in any meaningful way.
 
   // If you are configuring an install for an open source project, you may
   // want to reduce the "phabricator.read-access" requirement to "anyone". This
   // will allow anyone to browse Phabricator content, even without logging in.
 
   // Alternatively, you could raise the "phabricator.write-access" requirement
   // to "admin", effectively creating a read-only install.
 
 
   // Controls the minimum access level required to read data from Phabricator
   // (e.g., view revisions in Differential). Allowed values are "anyone",
   // "verified", or "admin". Note that "anyone" includes users who are not
   // logged in! You should leave this at 'verified' unless you want your data
   // to be publicly readable (e.g., you are developing open source software).
   'phabricator.read-access'     => 'verified',
 
   // Controls the minimum access level required to write data to Phabricator
   // (e.g., create new revisions in Differential). Allowed values are
   // "verified" or "admin". Setting this to "admin" will effectively create a
   // read-only install.
   'phabricator.write-access'    => 'verified',
 
 
 // -- DarkConsole ----------------------------------------------------------- //
 
   // DarkConsole is a administrative debugging/profiling tool built into
   // Phabricator. You can leave it disabled unless you're developing against
   // Phabricator.
 
   // Determines whether or not DarkConsole is available. DarkConsole exposes
   // some data like queries and stack traces, so you should be careful about
   // turning it on in production (although users can not normally see it, even
   // if the deployment configuration enables it).
   'darkconsole.enabled'         => true,
 
   // Always enable DarkConsole, even for logged out users. This potentially
   // exposes sensitive information to users, so make sure untrusted users can
   // not access an install running in this mode. You should definitely leave
   // this off in production. It is only really useful for using DarkConsole
   // utilties to debug or profile logged-out pages. You must set
   // 'darkconsole.enabled' to use this option.
   'darkconsole.always-on'       => false,
 
 
   // Allows you to mask certain configuration values from appearing in the
   // "Config" tab of DarkConsole.
   'darkconsole.config-mask'     => array(
     'mysql.pass',
     'amazon-ses.secret-key',
     'recaptcha.private-key',
     'phabricator.csrf-key',
     'facebook.application-secret',
     'github.secret',
   ),
 
 // --  MySQL  --------------------------------------------------------------- //
 
   // The username to use when connecting to MySQL.
   'mysql.user' => 'root',
 
   // The password to use when connecting to MySQL.
   'mysql.pass' => '',
 
   // The MySQL server to connect to.
   'mysql.host' => 'localhost',
 
 
 // -- Email ----------------------------------------------------------------- //
 
   // Some Phabricator tools send email notifications, e.g. when Differential
   // revisions are updated or Maniphest tasks are changed. These options allow
   // you to configure how email is delivered.
 
   // You can test your mail setup by going to "MetaMTA" in the web interface,
   // clicking "Send New Message", and then composing a message.
 
   // Default address to send mail "From".
   'metamta.default-address'     => 'noreply@example.com',
 
   // When a user takes an action which generates an email notification (like
   // commenting on a Differential revision), Phabricator can either send that
   // mail "From" the user's email address (like "alincoln@logcabin.com") or
   // "From" the 'metamta.default-address' address. The user experience is
   // generally better if Phabricator uses the user's real address as the "From"
   // since the messages are easier to organize when they appear in mail clients,
   // but this will only work if the server is authorized to send email on behalf
   // of the "From" domain. Practically, this means:
   //    - If you are doing an install for Example Corp and all the users will
   //      have corporate @corp.example.com addresses and any hosts Phabricator
   //      is running on are authorized to send email from corp.example.com,
   //      you can enable this to make the user experience a little better.
   //    - If you are doing an install for an open source project and your
   //      users will be registering via Facebook and using personal email
   //      addresses, you MUST NOT enable this or virtually all of your outgoing
   //      email will vanish into SFP blackholes.
   //    - If your install is anything else, you're much safer leaving this
   //      off since the risk in turning it on is that your outgoing mail will
   //      mostly never arrive.
   'metamta.can-send-as-user'    => false,
 
   // Adapter class to use to transmit mail to the MTA. The default uses
   // PHPMailerLite, which will invoke PHP's mail() function. This is appropriate
   // if mail() actually works on your host, but if you haven't configured mail
   // it may not be so great. You can also use Amazon SES, by changing this to
   // 'PhabricatorMailImplementationAmazonSESAdapter', signing up for SES, and
   // filling in your 'amazon-ses.access-key' and 'amazon-ses.secret-key' below.
   'metamta.mail-adapter'        =>
     'PhabricatorMailImplementationPHPMailerLiteAdapter',
 
   // When email is sent, try to hand it off to the MTA immediately. This may
   // be worth disabling if your MTA infrastructure is slow or unreliable. If you
   // disable this option, you must run the 'metamta_mta.php' daemon or mail
   // won't be handed off to the MTA. If you're using Amazon SES it can be a
   // little slugish sometimes so it may be worth disabling this and moving to
   // the daemon after you've got your install up and running. If you have a
   // properly configured local MTA it should not be necessary to disable this.
   'metamta.send-immediately'    => true,
 
   // If you're using Amazon SES to send email, provide your AWS access key
   // and AWS secret key here. To set up Amazon SES with Phabricator, you need
   // to:
   //  - Make sure 'metamta.mail-adapter' is set to:
   //    "PhabricatorMailImplementationAmazonSESAdapter"
   //  - Make sure 'metamta.can-send-as-user' is false.
   //  - Make sure 'metamta.default-address' is configured to something sensible.
   //  - Make sure 'metamta.default-address' is a validated SES "From" address.
   'amazon-ses.access-key'       =>  null,
   'amazon-ses.secret-key'       =>  null,
 
 
 // -- Auth ------------------------------------------------------------------ //
 
   // Can users login with a username/password, or by following the link from
   // a password reset email? You can disable this and configure one or more
   // OAuth providers instead.
   'auth.password-auth-enabled'  => true,
 
 
 // -- Accounts -------------------------------------------------------------- //
 
   // Is basic account information (email, real name, profile picture) editable?
   // If you set up Phabricator to automatically synchronize account information
   // from some other authoritative system, you can disable this to ensure
   // information remains consistent across both systems.
   'account.editable'            => true,
 
 
 // --  Facebook  ------------------------------------------------------------ //
 
   // Can users use Facebook credentials to login to Phabricator?
   'facebook.auth-enabled'       => false,
 
   // Can users use Facebook credentials to create new Phabricator accounts?
   'facebook.registration-enabled' => true,
 
   // Are Facebook accounts permanently linked to Phabricator accounts, or can
   // the user unlink them?
   'facebook.auth-permanent'     => false,
 
   // The Facebook "Application ID" to use for Facebook API access.
   'facebook.application-id'     => null,
 
   // The Facebook "Application Secret" to use for Facebook API access.
   'facebook.application-secret' => null,
 
 
 // -- Github ---------------------------------------------------------------- //
 
   // Can users use Github credentials to login to Phabricator?
   'github.auth-enabled'         => false,
 
   // Can users use Github credentials to create new Phabricator accounts?
   'github.registration-enabled' => true,
 
   // Are Github accounts permanently linked to Phabricator accounts, or can
   // the user unlink them?
   'github.auth-permanent'       => false,
 
   // The Github "Client ID" to use for Github API access.
   'github.application-id'       => null,
 
   // The Github "Secret" to use for Github API access.
   'github.application-secret'   => null,
 
 
 // -- Recaptcha ------------------------------------------------------------- //
 
   // Is Recaptcha enabled? If disabled, captchas will not appear.
   'recaptcha.enabled'           => false,
 
   // Your Recaptcha public key, obtained from Recaptcha.
   'recaptcha.public-key'        => null,
 
   // Your Recaptcha private key, obtained from Recaptcha.
   'recaptcha.private-key'       => null,
 
 
 // -- Misc ------------------------------------------------------------------ //
 
   // This is hashed with other inputs to generate CSRF tokens. If you want, you
   // can change it to some other string which is unique to your install. This
   // will make your install more secure in a vague, mostly theoretical way. But
   // it will take you like 3 seconds of mashing on your keyboard to set it up so
   // you might as well.
   'phabricator.csrf-key'        => '0b7ec0592e0a2829d8b71df2fa269b2c6172eca3',
 
   // Version string displayed in the footer. You probably should leave this
   // alone.
   'phabricator.version'         => 'UNSTABLE',
 
 
 // -- Files ----------------------------------------------------------------- //
 
   // Lists which uploaded file types may be viewed in the browser. If a file
   // has a mime type which does not appear in this list, it will always be
   // downloaded instead of displayed. This is a security consideration: if a
   // user uploads a file of type "text/html" and it is displayed as
   // "text/html", they can eaily execute XSS attacks. This is also a usability
   // consideration, since browsers tend to freak out when viewing enormous
   // binary files.
   //
   // The keys in this array are viewable mime types; the values are the mime
   // types they will be delivered as when they are viewed in the browser.
   'files.viewable-mime-types' => array(
     'image/jpeg'  => 'image/jpeg',
     'image/jpg'   => 'image/jpg',
     'image/png'   => 'image/png',
     'text/plain'  => 'text/plain; charset=utf-8',
   ),
 
 // -- Customization --------------------------------------------------------- //
 
   // Paths to additional phutil libraries to load.
   'load-libraries' => array(),
 
   'aphront.default-application-configuration-class' =>
     'AphrontDefaultApplicationConfiguration',
 
   'controller.oauth-registration' =>
     'PhabricatorOAuthDefaultRegistrationController',
 
 
   // Directory that phd (the Phabricator daemon control script) should use to
   // track running daemons.
   'phd.pid-directory' => '/var/tmp/phd',
 
 );
diff --git a/src/applications/people/controller/settings/PhabricatorUserSettingsController.php b/src/applications/people/controller/settings/PhabricatorUserSettingsController.php
index eafe26cd18..e22fe43913 100644
--- a/src/applications/people/controller/settings/PhabricatorUserSettingsController.php
+++ b/src/applications/people/controller/settings/PhabricatorUserSettingsController.php
@@ -1,456 +1,454 @@
 <?php
 
 /*
  * Copyright 2011 Facebook, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 class PhabricatorUserSettingsController extends PhabricatorPeopleController {
 
   private $page;
   private $accountEditable;
 
   public function willProcessRequest(array $data) {
     $this->page = idx($data, 'page');
   }
 
   public function processRequest() {
 
     $request = $this->getRequest();
     $user = $request->getUser();
 
     $pages = array(
       'account'     => 'Account',
       'email'       => 'Email',
 //      'password'    => 'Password',
       'arcanist'    => 'Arcanist Certificate',
     );
 
     $oauth_providers = PhabricatorOAuthProvider::getAllProviders();
     foreach ($oauth_providers as $provider) {
       if (!$provider->isProviderEnabled()) {
         continue;
       }
       $key = $provider->getProviderKey();
       $name = $provider->getProviderName();
       $pages[$key] = $name.' Account';
     }
 
     if (empty($pages[$this->page])) {
       $this->page = key($pages);
     }
 
     $account_editable = PhabricatorEnv::getEnvConfig('account.editable');
     $this->accountEditable = $account_editable;
 
     if ($request->isFormPost()) {
       switch ($this->page) {
         case 'email':
           if (!$account_editable) {
             return new Aphront400Response();
           }
           $user->setEmail($request->getStr('email'));
           $user->save();
           return id(new AphrontRedirectResponse())
             ->setURI('/settings/page/email/?saved=true');
         case 'arcanist':
 
           if (!$request->isDialogFormPost()) {
             $dialog = new AphrontDialogView();
             $dialog->setUser($user);
             $dialog->setTitle('Really regenerate session?');
             $dialog->setSubmitURI('/settings/page/arcanist/');
             $dialog->addSubmitButton('Regenerate');
             $dialog->addCancelbutton('/settings/page/arcanist/');
             $dialog->appendChild(
               '<p>Really destroy the old certificate? Any established '.
               'sessions will be terminated.');
 
             return id(new AphrontDialogResponse())
               ->setDialog($dialog);
           }
 
           $conn = $user->establishConnection('w');
           queryfx(
             $conn,
             'DELETE FROM %T WHERE userPHID = %s AND type LIKE %>',
             PhabricatorUser::SESSION_TABLE,
             $user->getPHID(),
             'conduit');
           // This implicitly regenerates the certificate.
           $user->setConduitCertificate(null);
           $user->save();
           return id(new AphrontRedirectResponse())
             ->setURI('/settings/page/arcanist/?regenerated=true');
         case 'account':
           if (!$account_editable) {
             return new Aphront400Response();
           }
 
           if (!empty($_FILES['profile'])) {
             $err = idx($_FILES['profile'], 'error');
             if ($err != UPLOAD_ERR_NO_FILE) {
               $file = PhabricatorFile::newFromPHPUpload($_FILES['profile']);
               $user->setProfileImagePHID($file->getPHID());
             }
           }
 
           $user->save();
           return id(new AphrontRedirectResponse())
             ->setURI('/settings/page/account/');
       }
     }
 
     switch ($this->page) {
       case 'arcanist':
         $content = $this->renderArcanistCertificateForm();
         break;
       case 'account':
         $content = $this->renderAccountForm();
         break;
       case 'email':
         $content = $this->renderEmailForm();
         break;
       default:
         if (empty($pages[$this->page])) {
           return new Aphront404Response();
         }
         $content = $this->renderOAuthForm($oauth_providers[$this->page]);
         break;
     }
 
 
     $sidenav = new AphrontSideNavView();
     foreach ($pages as $page => $name) {
       $sidenav->addNavItem(
         phutil_render_tag(
           'a',
           array(
             'href' => '/settings/page/'.$page.'/',
             'class' => ($page == $this->page)
               ? 'aphront-side-nav-selected'
               : null,
           ),
           phutil_escape_html($name)));
     }
 
     $sidenav->appendChild($content);
 
     return $this->buildStandardPageResponse(
       $sidenav,
       array(
         'title' => 'Account Settings',
       ));
   }
 
   private function renderArcanistCertificateForm() {
     $request = $this->getRequest();
     $user = $request->getUser();
 
     if ($request->getStr('regenerated')) {
       $notice = new AphrontErrorView();
       $notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
       $notice->setTitle('Certificate Regenerated');
       $notice->appendChild(
         '<p>Your old certificate has been destroyed and you have been issued '.
         'a new certificate. Sessions established under the old certificate '.
         'are no longer valid.</p>');
       $notice = $notice->render();
     } else {
       $notice = null;
     }
 
-    $host = PhabricatorEnv::getEnvConfig('phabricator.conduit-uri');
-
     $cert_form = new AphrontFormView();
     $cert_form
       ->setUser($user)
       ->appendChild(
         '<p class="aphront-form-instructions">Copy and paste this certificate '.
         'into your <tt>~/.arcrc</tt> in the "hosts" section to enable '.
         'Arcanist to authenticate against this host.</p>')
       ->appendChild(
         id(new AphrontFormTextAreaControl())
           ->setLabel('Certificate')
           ->setHeight(AphrontFormTextAreaControl::HEIGHT_SHORT)
           ->setValue($user->getConduitCertificate()));
 
     $cert = new AphrontPanelView();
     $cert->setHeader('Arcanist Certificate');
     $cert->appendChild($cert_form);
     $cert->setWidth(AphrontPanelView::WIDTH_FORM);
 
     $regen_form = new AphrontFormView();
     $regen_form
       ->setUser($user)
       ->setWorkflow(true)
       ->setAction('/settings/page/arcanist/')
       ->appendChild(
         '<p class="aphront-form-instructions">You can regenerate this '.
         'certificate, which will invalidate the old certificate and create '.
         'a new one.</p>')
       ->appendChild(
         id(new AphrontFormSubmitControl())
           ->setValue('Regenerate Certificate'));
 
     $regen = new AphrontPanelView();
     $regen->setHeader('Regenerate Certificate');
     $regen->appendChild($regen_form);
     $regen->setWidth(AphrontPanelView::WIDTH_FORM);
 
     return $notice.$cert->render().$regen->render();
   }
 
   private function renderAccountForm() {
     $request = $this->getRequest();
     $user = $request->getUser();
 
     $img_src = PhabricatorFileURI::getViewURIForPHID(
       $user->getProfileImagePHID());
 
     $editable = $this->accountEditable;
 
     $form = new AphrontFormView();
     $form
       ->setUser($user)
       ->setEncType('multipart/form-data')
       ->appendChild(
         id(new AphrontFormStaticControl())
           ->setLabel('Username')
           ->setValue($user->getUsername()))
       ->appendChild(
         id(new AphrontFormTextControl())
           ->setLabel('Real Name')
           ->setValue($user->getRealName())
           ->setDisabled(!$editable))
       ->appendChild(
           id(new AphrontFormMarkupControl())
             ->setValue('<hr />'))
       ->appendChild(
         id(new AphrontFormMarkupControl())
           ->setLabel('Profile Image')
           ->setValue(
             phutil_render_tag(
               'img',
               array(
                 'src' => $img_src,
               ))));
 
     if ($editable) {
       $form
         ->appendChild(
           id(new AphrontFormFileControl())
             ->setLabel('Change Image')
             ->setName('profile')
             ->setCaption('Upload a 50x50px image.'))
         ->appendChild(
             id(new AphrontFormMarkupControl())
               ->setValue('<hr />'))
         ->appendChild(
           id(new AphrontFormSubmitControl())
             ->setValue('Save'));
     }
 
     $panel = new AphrontPanelView();
     $panel->setHeader('Profile Settings');
     $panel->setWidth(AphrontPanelView::WIDTH_FORM);
     $panel->appendChild($form);
 
     return $panel->render();
   }
 
   private function renderEmailForm() {
     $request = $this->getRequest();
     $user = $request->getUser();
 
     $editable = $this->accountEditable;
 
     if ($request->getStr('saved')) {
       $notice = new AphrontErrorView();
       $notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
       $notice->setTitle('Changed Saved');
       $notice->appendChild('<p>Your changes have been saved.</p>');
       $notice = $notice->render();
     } else {
       $notice = null;
     }
 
     $form = new AphrontFormView();
     $form
       ->setUser($user)
       ->appendChild(
         id(new AphrontFormTextControl())
           ->setLabel('Email')
           ->setName('email')
           ->setDisabled(!$editable)
           ->setCaption(
             'Note: there is no email validation yet; double-check your '.
             'typing.')
           ->setValue($user->getEmail()));
 
     if ($editable) {
       $form
         ->appendChild(
           id(new AphrontFormSubmitControl())
             ->setValue('Save'));
     }
 
     $panel = new AphrontPanelView();
     $panel->setHeader('Email Settings');
     $panel->setWidth(AphrontPanelView::WIDTH_FORM);
     $panel->appendChild($form);
 
     return $notice.$panel->render();
   }
 
   private function renderOAuthForm(PhabricatorOAuthProvider $provider) {
 
     $request = $this->getRequest();
     $user = $request->getUser();
 
     $notice = null;
 
     $provider_name = $provider->getProviderName();
     $provider_key = $provider->getProviderKey();
 
     $oauth_info = id(new PhabricatorUserOAuthInfo())->loadOneWhere(
       'userID = %d AND oauthProvider = %s',
       $user->getID(),
       $provider->getProviderKey());
 
     $form = new AphrontFormView();
     $form
       ->setUser($user);
 
     $forms = array();
     $forms[] = $form;
     if (!$oauth_info) {
       $form
         ->appendChild(
           '<p class="aphront-form-instructions">There is currently no '.
           $provider_name.' account linked to your Phabricator account. You '.
           'can link an account, which will allow you to use it to log into '.
           'Phabricator.</p>');
 
       switch ($provider_key) {
         case PhabricatorOAuthProvider::PROVIDER_GITHUB:
           $form->appendChild(
             '<p class="aphront-form-instructions">Additionally, you must '.
             'link your Github account before Phabricator can access any '.
             'information about hosted repositories.</p>');
           break;
       }
 
       $auth_uri = $provider->getAuthURI();
       $client_id = $provider->getClientID();
       $redirect_uri = $provider->getRedirectURI();
 
       $form
         ->setAction($auth_uri)
         ->setMethod('GET')
         ->addHiddenInput('redirect_uri', $redirect_uri)
         ->addHiddenInput('client_id', $client_id)
         ->appendChild(
           id(new AphrontFormSubmitControl())
             ->setValue('Link '.$provider_name." Account \xC2\xBB"));
     } else {
       $form
         ->appendChild(
           '<p class="aphront-form-instructions">Your account is linked with '.
           'a '.$provider_name.' account. You may use your '.$provider_name.' '.
           'credentials to log into Phabricator.</p>')
         ->appendChild(
           id(new AphrontFormStaticControl())
             ->setLabel($provider_name.' ID')
             ->setValue($oauth_info->getOAuthUID()))
         ->appendChild(
           id(new AphrontFormStaticControl())
             ->setLabel($provider_name.' Name')
             ->setValue($oauth_info->getAccountName()))
         ->appendChild(
           id(new AphrontFormStaticControl())
             ->setLabel($provider_name.' URI')
             ->setValue($oauth_info->getAccountURI()));
 
       if (!$provider->isProviderLinkPermanent()) {
         $unlink = 'Unlink '.$provider_name.' Account';
         $unlink_form = new AphrontFormView();
         $unlink_form
           ->setUser($user)
           ->appendChild(
             '<p class="aphront-form-instructions">You may unlink this account '.
             'from your '.$provider_name.' account. This will prevent you from '.
             'logging in with your '.$provider_name.' credentials.</p>')
           ->appendChild(
             id(new AphrontFormSubmitControl())
               ->addCancelButton('/oauth/'.$provider_key.'/unlink/', $unlink));
         $forms['Unlink Account'] = $unlink_form;
       }
 
       $expires = $oauth_info->getTokenExpires();
       if ($expires) {
         if ($expires <= time()) {
           $expires = "Expired";
         } else {
           $expires = phabricator_format_timestamp($expires);
         }
       } else {
         $expires = 'No Information Available';
       }
 
       $scope = $oauth_info->getTokenScope();
       if (!$scope) {
         $scope = 'No Information Available';
       }
 
       $status = $oauth_info->getTokenStatus();
       $status = PhabricatorUserOAuthInfo::getReadableTokenStatus($status);
 
       $token_form = new AphrontFormView();
       $token_form
         ->setUser($user)
         ->appendChild(
           '<p class="aphront-from-instructions">insert rap about tokens</p>')
         ->appendChild(
           id(new AphrontFormStaticControl())
             ->setLabel('Token Status')
             ->setValue($status))
         ->appendChild(
           id(new AphrontFormStaticControl())
             ->setLabel('Expires')
             ->setValue($expires))
         ->appendChild(
           id(new AphrontFormStaticControl())
             ->setLabel('Scope')
             ->setValue($scope));
 
       $forms['Account Token Information'] = $token_form;
     }
 
     $panel = new AphrontPanelView();
     $panel->setHeader($provider_name.' Account Settings');
     $panel->setWidth(AphrontPanelView::WIDTH_FORM);
     foreach ($forms as $name => $form) {
       if ($name) {
         $panel->appendChild('<br /><br /><h1>'.$name.'</h1>');
       }
       $panel->appendChild($form);
     }
 
     return $notice.$panel->render();
 
 
   }
 
 }